Merge pull request #532 from ase-101/MOSIP-26691

MOSIP-26691

esignet-service/src/main/java/io/mosip/esignet/controllers/OAuthController.java

@@ -11,6 +11,7 @@
 import javax.validation.ConstraintViolation;
 import javax.validation.Validator;
 
+import io.mosip.esignet.services.AuthorizationHelperService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
 import org.springframework.util.MultiValueMap;
@@ -43,6 +44,9 @@ public class OAuthController {
     @Autowired
     private AuditPlugin auditWrapper;
 
+    @Autowired
+    private AuthorizationHelperService authorizationHelperService;
+
     @PostMapping(value = "/token", consumes = {MediaType.APPLICATION_FORM_URLENCODED_VALUE},
             produces = {MediaType.APPLICATION_JSON_VALUE})
     public TokenResponse getToken(@RequestParam MultiValueMap<String,String> paramMap)
@@ -55,7 +59,8 @@ public TokenResponse getToken(@RequestParam MultiValueMap<String,String> paramMa
         try {
         	return oAuthService.getTokens(tokenRequest,false);
         } catch (EsignetException ex) {
-            auditWrapper.logAudit(Action.GENERATE_TOKEN, ActionStatus.ERROR, AuditHelper.buildAuditDto(paramMap.getFirst("client_id")), ex);
+            auditWrapper.logAudit(Action.GENERATE_TOKEN, ActionStatus.ERROR,
+                    AuditHelper.buildAuditDto(authorizationHelperService.getKeyHash(tokenRequest.getCode()), null), ex);
             throw ex;
         }               
     }
@@ -73,7 +78,8 @@ public TokenResponse getTokenV2(@RequestParam MultiValueMap<String,String> param
         try {
             return oAuthService.getTokens(tokenRequest,true);
         } catch (EsignetException ex) {
-            auditWrapper.logAudit(Action.GENERATE_TOKEN, ActionStatus.ERROR, AuditHelper.buildAuditDto(paramMap.getFirst("client_id")), ex);
+            auditWrapper.logAudit(Action.GENERATE_TOKEN, ActionStatus.ERROR,
+                    AuditHelper.buildAuditDto(authorizationHelperService.getKeyHash(tokenRequest.getCode()), null), ex);
             throw ex;
         }
     }

esignet-service/src/main/java/io/mosip/esignet/controllers/SystemInfoController.java

@@ -58,21 +58,26 @@ public ResponseWrapper<KeyPairGenerateResponseDto> getCertificate(
         	throw ex;
         }
         responseWrapper.setResponseTime(IdentityProviderUtil.getUTCDateTime());
+        auditWrapper.logAudit(AuditHelper.getClaimValue(SecurityContextHolder.getContext(), claimName),
+                Action.GET_CERTIFICATE, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(null), null);
         return responseWrapper;
     }
 
     @PostMapping(value = "/uploadCertificate")
     public ResponseWrapper<UploadCertificateResponseDto> uploadSignedCertificate(
             @Valid @RequestBody RequestWrapper<UploadCertificateRequestDto> requestWrapper) {
         ResponseWrapper<UploadCertificateResponseDto> responseWrapper = new ResponseWrapper<>();
+        UploadCertificateRequestDto uploadCertificateRequestDto = requestWrapper.getRequest();
         try {
-        	responseWrapper.setResponse(keymanagerService.uploadCertificate(requestWrapper.getRequest()));
+        	responseWrapper.setResponse(keymanagerService.uploadCertificate(uploadCertificateRequestDto));
         } catch (EsignetException ex) {
         	auditWrapper.logAudit(AuditHelper.getClaimValue(SecurityContextHolder.getContext(), claimName),
-					Action.GET_CERTIFICATE, ActionStatus.ERROR, AuditHelper.buildAuditDto(null), ex);
+					Action.UPLOAD_CERTIFICATE, ActionStatus.ERROR, AuditHelper.buildAuditDto(null), ex);
             throw ex;
         }
         responseWrapper.setResponseTime(IdentityProviderUtil.getUTCDateTime());
+        auditWrapper.logAudit(AuditHelper.getClaimValue(SecurityContextHolder.getContext(), claimName),
+                Action.UPLOAD_CERTIFICATE, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(null), null);
         return responseWrapper;
     }
 

esignet-service/src/test/java/io/mosip/esignet/controllers/OAuthControllerTest.java

@@ -13,6 +13,7 @@
 import io.mosip.esignet.core.exception.EsignetException;
 import io.mosip.esignet.core.exception.InvalidRequestException;
 import io.mosip.esignet.core.spi.OAuthService;
+import io.mosip.esignet.services.AuthorizationHelperService;
 import io.mosip.esignet.services.CacheUtilService;
 import io.mosip.esignet.vci.services.VCICacheService;
 import org.junit.Test;
@@ -57,6 +58,9 @@ public class OAuthControllerTest {
     @MockBean
     VCICacheService vciCacheService;
 
+    @MockBean
+    AuthorizationHelperService authorizationHelperService;
+
     @Test
     public void getAllJwks_thenPass() throws Exception {
         Map<String, Object> sampleResult = new HashMap<>();

oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationHelperService.java

@@ -316,10 +316,11 @@ protected ResponseWrapper<LinkAuthCodeResponse> getLinkAuthStatusResponse(String
         linkAuthCodeResponse.setCode(authCode);
         responseWrapper.setResponseTime(IdentityProviderUtil.getUTCDateTime());
         responseWrapper.setResponse(linkAuthCodeResponse);
+        auditWrapper.logAudit(Action.LINK_AUTH_CODE, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(transactionId, oidcTransaction), null);
         return responseWrapper;
     }
 
-    protected String getKeyHash(@NotNull String value) {
+    public String getKeyHash(@NotNull String value) {
         return IdentityProviderUtil.generateB64EncodedHash(ALGO_SHA3_256, value);
     }
 

oidc-service-impl/src/main/java/io/mosip/esignet/services/LinkedAuthorizationServiceImpl.java

@@ -121,7 +121,8 @@ public LinkCodeResponse generateLinkCode(LinkCodeRequest linkCodeRequest) throws
         linkCodeResponse.setTransactionId(linkCodeRequest.getTransactionId());
         linkCodeResponse.setExpireDateTime(expireDateTime == null ? null :
                 expireDateTime.format(DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN)));
-        auditWrapper.logAudit(Action.LINK_CODE, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(transaction.getTransactionId(), transaction), null);
+        auditWrapper.logAudit(Action.LINK_CODE, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(
+                linkCodeRequest.getTransactionId(), transaction), null);
         return linkCodeResponse;
     }
 
@@ -179,7 +180,8 @@ private Pair<LinkTransactionResponse, ClientDetail> checkAndPublishLinkedTransac
 
         //Publish message after successfully linking the transaction
         kafkaHelperService.publish(linkedSessionTopicName, linkCodeHash);
-        auditWrapper.logAudit(Action.LINK_TRANSACTION, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(linkTransactionMetadata.getTransactionId(), transaction), null);
+        auditWrapper.logAudit(Action.LINK_TRANSACTION, ActionStatus.SUCCESS,
+                AuditHelper.buildAuditDto(linkTransactionMetadata.getTransactionId(), transaction), null);
         return Pair.of(linkTransactionResponse, clientDetailDto);
     }
 
@@ -330,7 +332,6 @@ public void getLinkAuthCode(DeferredResult deferredResult, LinkAuthCodeRequest l
 
         OIDCTransaction oidcTransaction = cacheUtilService.getConsentedTransaction(linkTransactionMetadata.getLinkedTransactionId());
         if(oidcTransaction != null) {
-            auditWrapper.logAudit(Action.LINK_AUTH_CODE, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(oidcTransaction.getTransactionId(), oidcTransaction), null);
             deferredResult.setResult(authorizationHelperService.getLinkAuthStatusResponse(linkTransactionMetadata.getTransactionId(), oidcTransaction));
         } else {
             authorizationHelperService.addEntryInLinkAuthCodeStatusDeferredResultMap(linkTransactionMetadata.getLinkedTransactionId(), deferredResult);